我有一个虚拟主机,它似乎运行良好,但在尝试生成 SSL 时不断出错。有人能帮我找出问题所在吗?谢谢
example.com: Domain could not be validated, error message: error type: urn:ietf:params:acme:error:unauthorized, error detail:
192.168.9.123: Invalid response from https://example.com/.well-known/acme-challenge/NOHITCjOoL1lpdh-Oh1pHUSnXvkSk00ksjBeVCWA2cY: 404
nginx vhost配置:
upstream domain-default {
zone domain-default 64k;
server 172.31.7.1:9001;
keepalive 2;
}
upstream domain-ws {
zone domain-ws 64k;
server 172.31.7.1:3012;
keepalive 2;
}
# Redirect HTTP to HTTPS
server {
listen 80;
listen [::]:80;
server_name example.com;
return 301 https://$host$request_uri;
{{root}}
location ~ /.well-known {
allow all;
{{root}}
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
if ($scheme != "https") {
rewrite ^ https://$host$uri permanent;
}
{{ssl_certificate_key}}
{{ssl_certificate}}
client_max_body_size 128M;
location / {
proxy_http_version 1.1;
proxy_set_header "Connection" "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://domain-default;
}
location /notifications/hub/negotiate {
proxy_http_version 1.1;
proxy_set_header "Connection" "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://domain-default;
}
location /notifications/hub {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Forwarded $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://domain-ws;
}
location ~ /.well-known {
allow all;
}
}
答案1
错误本身表示无法验证 example.com 域,您必须将 example.com 替换为您的域。不要忘记将服务器的 IP 地址指向域名,这样就完成了。